Organisation certificate for HSM (SCSE)

The certificate for electronic invoicing and archiving

The SwissSign organisation certificate complies with the Federal Department of Finance's Ordinance on Electronic Data and Information (SCSE) and the Company Accounts Decree (GeBüV). With this non-personal certificate, you can sign legally compliant electronic invoices and archive documents. You can also exchange VAT-relevant data with other companies in a paper-free manner.

Product details

Verification of identity: E-mail address, applicant and organisation. In the certificate, however, only the name of the organisation and, where necessary, more detailed information such as the branch or department as well as details on the municipality, canton and country of the organisation's headquarters are displayed.

Policy

All binding guidelines for this certificate type are stipulated in the relevant Certificate Policy and Certification Practice Statement (CP/CPS): SwissSign-Platinum-CP-CPS

Smart digital processes

The SwissSign organisation certificate is a non-personal certificate. It is exclusively issued to organisations (companies and authorities).

With the SwissSign organisation certificate, you can sign electronic invoices and archive documents in a GeBüV-compliant manner. This certificate complies with the Federal Department of Finance's Ordinance on Electronic Data and Information (EIDI-V) and the Company Accounts Decree (OElDI).

Please submit the following documents by post

Original copy of the signed application form. You will receive the application form automatically via e-mail after redeeming the license at www.swisssign.net.

Switzerland: Personal identification of the applicant using a passport or identify card (Switzerland, Liechtenstein or EU) at any Swiss Post branch to acquire a "Yellow Identification". The copy (front and reverse) or the original of the Yellow Identification must be submitted to SwissSign together with the other registration documents.

Requests from outside Switzerland: certified identification of the requester by the notary or certified proof of signature of the signed application form by the notary which was visited personally by the requester. Certification should always be in English, French or German. Please send to us the original certified identification.

Legal attested excerpt from the commercial register that is no older than three months (excerpt from the Federal State Calendar for public institutions). Other proof of the organisation's existence on request.

Copies (front and reverse) of a passport or identity card (Switzerland, Liechtenstein or EU) belonging to the authorised signatory(ies) and/or co-signatory(ies) in accordance with the commercial register / Federal State Calendar.

Language: Please submit your documents in German, English or French. Documents in other languages or composed using non-Latin characters must be translated into one of the three mentioned languages and the translation must be notarised. To this end, organisations based outside the EU and Liechtenstein again also require notarisation based on the Hague Apostille.

Revoked certificates are listed in so called certificate revocation lists. Or they will be published by the online service OCSP which validates online current validity of a certificate. Certificate revocation lists can be downloaded here:

Each SwissSign certificate is signed by a SwissSign intermediate certificate. The SwissSign intermediate certificate is again signed by a SwissSign root certificate. In order to have a trustful certificate it is necessary to install the complete certificate chain e.g. on a web server. All operation systems and browsers have included the SwissSign root certificate but the SwissSign intermediate certificate must be installed. Either it is possible to download the end certificate including the complete certificate chain on swisssign.net or the SwissSign intermediate certificate will be installed later.

Each SwissSign certificate is signed by a SwissSign intermediate certificate. The SwissSign intermediate certificate is again signed by a SwissSign root certificate. In order to have a trustful certificate it is necessary to install the complete certificate chain e.g. on a web server. All operation systems and browsers have included the SwissSign root certificate but in some special cases it might be necessary to install the root certificate. Either it is possible to download the end certificate including the complete certificate chain on swisssign.net or the SwissSign root certificate will be installed later.

The certificate does not contain the name of the requesting person but only the name of the organization and, if necessary, specifying information such as the branch or department, country of the headquarters of the organization or information on the town or canton.

In terms of quality there is no difference – both are non-personal certificates of Platinum level. They differ only in the performance and the storage device. The organization certificate for HSM can also be ordered for a validity period of up to 5 years, the organization certificate as a smart card only for up to 3 years.

The performance of the smart card is around one signature per second (up to 3,500 signatures per hour). Storage device: smart card or USB token (included in delivery). Use in the hardware security module (HSM) enables very high performance and high availability over many years.

The issuance speed for SwissSign certificates depends on the certificate type and reaches from a few seconds up to 10 business days for certificates, which require an intensive manual verification of the requester, of the organization or of the domain. These deadlines are valid after reception of the registration documents by SwissSign and can be held under the exclusive condition that all documents are correct and complete.

An exception are those certificates with automated issuance, which do not require submission of documents (eg. domain-validated-only SSL). These certificates are usually issued immediately.

Issuance speed for SSL Certificates:

SSL Silver: a few seconds or minutes

SSL Silver Wildcard: up to 2 business days

SSL Gold: up to 2 business days

SSL Gold Wildcard: up to 2 business days

SSL Gold EV (Extended Validation): 5 to 10 business days

Issuance speed for Personal Certificates:

Personal Silver ID: up to 2 business days

Personal Gold ID: up to 2 business days

Organization Gold ID: up to 2 business days

Issuance speed for Organization Certificates:

PostCertificate for Organizations: 5 to 10 business days (except hardware delivery outside Switzerland)

SwissSign Certificate for Organizations: 5 to 10 business days

These deadlines are standard values and may be subject to extraordinary exceptions (eg. important workload of the registration authority)

If the account books are kept and stored electronically or in a comparable way and the vouchers are collected and stored electronically or in a comparable way, then the principles of correct data processing must be observed.

Art. 3 Integrity (authenticity and protection against falsification)

The account books must be kept and stored and the vouchers collected and stored in such a way that they cannot be changed without this being detected.

The essential requirements of are therefore proof of the integrity and the origin of the document. OelDI, however, stipulates that a digital signature with an advanced, hardware-based certificate is necessary in this case.

The SwissSign organisation certificate meets the requirements of the Ordinance of the Swiss Federal Department of Finance on Electronic Data and Information (OelDI) and the technical and administrative regulations (TAV) for CAs with regard to the issue of certificates based on advanced signatures.

This means that when signing electronic invoices and archiving documents according to GebüV with this OelDI-compliant certificate and qualified time stamp, this is legally compliant and audit-proof, in particular also when it is a matter of documents relevant for VAT.

Since the Organization Certificate is accepted by PDF reader (Adobe) it could be beneficial for everybody to proof the non-repudiation and integrity of a document. In this way the organization certificate can also be used by a foreign organization to show to their communication partner that the document (PDF) was not changed after signature.

But you must be aware that this does not include automatically the conformity to OElDI (Swiss law concerning the handling of VAT documents) for foreign organizations. If foreign organizations want to use the Organization Certificate to be compliant with OElDI (because they deal with Swiss relevant VAT documents) they should first consult the law situation in Switzerland. Some points must be considered (not exhaustive list):

A third party (OElDI 9) must be registered in the Swiss trade registry.

Prerequisites of data storage and unlimited access to the data from Switzerland (OElDI 10)

The information you will need to fill in the "Organization Identifier" section is normally contained in an official register (e.g. commercial register, UID register, VAT register). Similar registers also exist for companies abroad.

When filling in the “Organization Identifier” section in the certificate, a special structure must be observed (consists of four parts).

Please follow the structure below to fill in the “Organization Identifier” section correctly: